Basic question is – is it safe to store HTML in a database if I restrict who can submit to it?
I have a pretty simple question. I provide video tutorials and other content. Without spending months writing a proper BBCode parser, I would need to store the HTML so I can have it look exactly the way I want when I grab it from the database.
Basically I plan to store all information in the database about a tutorial series and each episode. I would like to have some formatting for the descriptions for both so I can add multiple paragraphs, ordered and unordered lists, links to required resources, and so on.
I am using PHP and creating my own database. I am using phpMyAdmin to store the information in the table right now. I will use a user with read only rights when I pull the information in the PHP code.
What is the best way to do this? Thank you!
The question is unclear. Certainly it is possible to store html (or whatever markup or language) inside a database. Also handling that with PHP is possible. All you have to make sure is that you escape the content so that a) your code is not open to sql injection and b) the statements are valid regardless of the contents value. Best is to use prepared statements for this, take a look at PDO.
My apologies. The question basically is, it is safe to store raw html in the database if I only allow myself to be the only person with editing the information through phpMyAdmin.